NSS

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #1002434
Comment #2

Comment 2 for bug 1002434

Revision history for this message

In Mozilla Bugzilla #636802, Bsmith-mozilla (bsmith-mozilla) wrote on 2011-02-25:

See blapit.h:

#define DH_MAX_P_BITS 2236

I would expect some servers to want to use 3072-bit keys (to match AES-128) based on the NIST guidelines. I did not find any such limit in OpenSSL (though I looked only briefly).